<html><body>
<style>

body, h1, h2, h3, div, span, p, pre, a {
  margin: 0;
  padding: 0;
  border: 0;
  font-weight: inherit;
  font-style: inherit;
  font-size: 100%;
  font-family: inherit;
  vertical-align: baseline;
}

body {
  font-size: 13px;
  padding: 1em;
}

h1 {
  font-size: 26px;
  margin-bottom: 1em;
}

h2 {
  font-size: 24px;
  margin-bottom: 1em;
}

h3 {
  font-size: 20px;
  margin-bottom: 1em;
  margin-top: 1em;
}

pre, code {
  line-height: 1.5;
  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
}

pre {
  margin-top: 0.5em;
}

h1, h2, h3, p {
  font-family: Arial, sans serif;
}

h1, h2, h3 {
  border-bottom: solid #CCC 1px;
}

.toc_element {
  margin-top: 0.5em;
}

.firstline {
  margin-left: 2 em;
}

.method  {
  margin-top: 1em;
  border: solid 1px #CCC;
  padding: 1em;
  background: #EEE;
}

.details {
  font-weight: bold;
  font-size: 14px;
}

</style>

<h1><a href="certificatemanager_v1.html">Certificate Manager API</a> . <a href="certificatemanager_v1.projects.html">projects</a> . <a href="certificatemanager_v1.projects.locations.html">locations</a> . <a href="certificatemanager_v1.projects.locations.certificates.html">certificates</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
  <code><a href="#close">close()</a></code></p>
<p class="firstline">Close httplib2 connections.</p>
<p class="toc_element">
  <code><a href="#create">create(parent, body=None, certificateId=None, x__xgafv=None)</a></code></p>
<p class="firstline">Creates a new Certificate in a given project and location.</p>
<p class="toc_element">
  <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
<p class="firstline">Deletes a single Certificate.</p>
<p class="toc_element">
  <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
<p class="firstline">Gets details of a single Certificate.</p>
<p class="toc_element">
  <code><a href="#list">list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
<p class="firstline">Lists Certificates in a given project and location.</p>
<p class="toc_element">
  <code><a href="#list_next">list_next()</a></code></p>
<p class="firstline">Retrieves the next page of results.</p>
<p class="toc_element">
  <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
<p class="firstline">Updates a Certificate.</p>
<h3>Method Details</h3>
<div class="method">
    <code class="details" id="close">close()</code>
  <pre>Close httplib2 connections.</pre>
</div>

<div class="method">
    <code class="details" id="create">create(parent, body=None, certificateId=None, x__xgafv=None)</code>
  <pre>Creates a new Certificate in a given project and location.

Args:
  parent: string, Required. The parent resource of the certificate. Must be in the format `projects/*/locations/*`. (required)
  body: object, The request body.
    The object takes the form of:

{ # Defines TLS certificate.
  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The creation timestamp of a Certificate.
  &quot;description&quot;: &quot;A String&quot;, # Optional. One or more paragraphs of text description of a certificate.
  &quot;expireTime&quot;: &quot;A String&quot;, # Output only. The expiry timestamp of a Certificate.
  &quot;labels&quot;: { # Optional. Set of labels associated with a Certificate.
    &quot;a_key&quot;: &quot;A String&quot;,
  },
  &quot;managed&quot;: { # Configuration and state of a Managed Certificate. Certificate Manager provisions and renews Managed Certificates automatically, for as long as it&#x27;s authorized to do so. # If set, contains configuration and state of a managed certificate.
    &quot;authorizationAttemptInfo&quot;: [ # Output only. Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.
      { # State of the latest attempt to authorize a domain for certificate issuance.
        &quot;attemptTime&quot;: &quot;A String&quot;, # Output only. The timestamp, when the authorization attempt was made.
        &quot;details&quot;: &quot;A String&quot;, # Output only. Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.
        &quot;domain&quot;: &quot;A String&quot;, # Output only. Domain name of the authorization attempt.
        &quot;failureReason&quot;: &quot;A String&quot;, # Output only. Reason for failure of the authorization attempt for the domain.
        &quot;state&quot;: &quot;A String&quot;, # Output only. State of the domain for managed certificate issuance.
        &quot;troubleshooting&quot;: { # Troubleshooting information for the authorization attempt. # Output only. Troubleshooting information for the authorization attempt. This field is only populated if the authorization attempt failed.
          &quot;cname&quot;: { # CNAME troubleshooting information. # Output only. CNAME troubleshooting information.
            &quot;expectedData&quot;: &quot;A String&quot;, # Output only. The expected value of the CNAME record for the domain, equals to `dns_resource_record.data` in the corresponding `DnsAuthorization`.
            &quot;name&quot;: &quot;A String&quot;, # Output only. The name of the CNAME record for the domain, equals to `dns_resource_record.name` in the corresponding `DnsAuthorization`.
            &quot;resolvedData&quot;: [ # Output only. The resolved CNAME chain. Empty list if the CNAME record for `CNAME.name` is not found. Otherwise the first item is the value of the CNAME record for `CNAME.name`. If the CNAME chain is longer, the second item is the value of the CNAME record for the first item, and so on.
              &quot;A String&quot;,
            ],
          },
          &quot;ips&quot;: { # IPs troubleshooting information. # Output only. IPs troubleshooting information.
            &quot;resolved&quot;: [ # Output only. The list of IP addresses resolved from the domain&#x27;s A/AAAA records. Can contain both ipv4 and ipv6 addresses.
              &quot;A String&quot;,
            ],
            &quot;serving&quot;: [ # Output only. The list of IP addresses, where the certificate is attached and port 443 is open.
              &quot;A String&quot;,
            ],
            &quot;servingOnAltPorts&quot;: [ # Output only. The list of IP addresses, where the certificate is attached, but port 443 is not open.
              &quot;A String&quot;,
            ],
          },
          &quot;issues&quot;: [ # Output only. The list of issues discovered during the authorization attempt.
            &quot;A String&quot;,
          ],
        },
      },
    ],
    &quot;dnsAuthorizations&quot;: [ # Optional. Immutable. Authorizations that will be used for performing domain authorization.
      &quot;A String&quot;,
    ],
    &quot;domains&quot;: [ # Optional. Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
      &quot;A String&quot;,
    ],
    &quot;issuanceConfig&quot;: &quot;A String&quot;, # Optional. Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format `projects/*/locations/*/certificateIssuanceConfigs/*`. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.
    &quot;provisioningIssue&quot;: { # Information about issues with provisioning a Managed Certificate. # Output only. Information about issues with provisioning a Managed Certificate.
      &quot;details&quot;: &quot;A String&quot;, # Output only. Human readable explanation about the issue. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use Reason enum.
      &quot;reason&quot;: &quot;A String&quot;, # Output only. Reason for provisioning failures.
    },
    &quot;state&quot;: &quot;A String&quot;, # Output only. State of the managed certificate resource.
  },
  &quot;name&quot;: &quot;A String&quot;, # Identifier. A user-defined name of the certificate. Certificate names must be unique globally and match pattern `projects/*/locations/*/certificates/*`.
  &quot;pemCertificate&quot;: &quot;A String&quot;, # Output only. The PEM-encoded certificate chain.
  &quot;sanDnsnames&quot;: [ # Output only. The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven&#x27;t been provisioned yet have this field populated with a value of the managed.domains field.
    &quot;A String&quot;,
  ],
  &quot;scope&quot;: &quot;A String&quot;, # Optional. Immutable. The scope of the certificate.
  &quot;selfManaged&quot;: { # Certificate data for a SelfManaged Certificate. SelfManaged Certificates are uploaded by the user. Updating such certificates before they expire remains the user&#x27;s responsibility. # If set, defines data of a self-managed certificate.
    &quot;pemCertificate&quot;: &quot;A String&quot;, # Optional. Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.
    &quot;pemPrivateKey&quot;: &quot;A String&quot;, # Optional. Input only. The PEM-encoded private key of the leaf certificate.
  },
  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The last update timestamp of a Certificate.
  &quot;usedBy&quot;: [ # Output only. The list of resources that use this Certificate.
    { # Defines a resource that uses the certificate.
      &quot;name&quot;: &quot;A String&quot;, # Output only. Full name of the resource https://google.aip.dev/122#full-resource-names, e.g. `//certificatemanager.googleapis.com/projects/*/locations/*/certificateMaps/*/certificateMapEntries/*` or `//compute.googleapis.com/projects/*/locations/*/targetHttpsProxies/*`.
    },
  ],
}

  certificateId: string, Required. A user-provided name of the certificate.
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # This resource represents a long-running operation that is the result of a network API call.
  &quot;done&quot;: True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
  &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
    &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
    &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
      {
        &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
      },
    ],
    &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
  },
  &quot;metadata&quot;: { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
  },
  &quot;name&quot;: &quot;A String&quot;, # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
  &quot;response&quot;: { # The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
  },
}</pre>
</div>

<div class="method">
    <code class="details" id="delete">delete(name, x__xgafv=None)</code>
  <pre>Deletes a single Certificate.

Args:
  name: string, Required. A name of the certificate to delete. Must be in the format `projects/*/locations/*/certificates/*`. (required)
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # This resource represents a long-running operation that is the result of a network API call.
  &quot;done&quot;: True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
  &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
    &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
    &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
      {
        &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
      },
    ],
    &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
  },
  &quot;metadata&quot;: { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
  },
  &quot;name&quot;: &quot;A String&quot;, # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
  &quot;response&quot;: { # The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
  },
}</pre>
</div>

<div class="method">
    <code class="details" id="get">get(name, x__xgafv=None)</code>
  <pre>Gets details of a single Certificate.

Args:
  name: string, Required. A name of the certificate to describe. Must be in the format `projects/*/locations/*/certificates/*`. (required)
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Defines TLS certificate.
  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The creation timestamp of a Certificate.
  &quot;description&quot;: &quot;A String&quot;, # Optional. One or more paragraphs of text description of a certificate.
  &quot;expireTime&quot;: &quot;A String&quot;, # Output only. The expiry timestamp of a Certificate.
  &quot;labels&quot;: { # Optional. Set of labels associated with a Certificate.
    &quot;a_key&quot;: &quot;A String&quot;,
  },
  &quot;managed&quot;: { # Configuration and state of a Managed Certificate. Certificate Manager provisions and renews Managed Certificates automatically, for as long as it&#x27;s authorized to do so. # If set, contains configuration and state of a managed certificate.
    &quot;authorizationAttemptInfo&quot;: [ # Output only. Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.
      { # State of the latest attempt to authorize a domain for certificate issuance.
        &quot;attemptTime&quot;: &quot;A String&quot;, # Output only. The timestamp, when the authorization attempt was made.
        &quot;details&quot;: &quot;A String&quot;, # Output only. Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.
        &quot;domain&quot;: &quot;A String&quot;, # Output only. Domain name of the authorization attempt.
        &quot;failureReason&quot;: &quot;A String&quot;, # Output only. Reason for failure of the authorization attempt for the domain.
        &quot;state&quot;: &quot;A String&quot;, # Output only. State of the domain for managed certificate issuance.
        &quot;troubleshooting&quot;: { # Troubleshooting information for the authorization attempt. # Output only. Troubleshooting information for the authorization attempt. This field is only populated if the authorization attempt failed.
          &quot;cname&quot;: { # CNAME troubleshooting information. # Output only. CNAME troubleshooting information.
            &quot;expectedData&quot;: &quot;A String&quot;, # Output only. The expected value of the CNAME record for the domain, equals to `dns_resource_record.data` in the corresponding `DnsAuthorization`.
            &quot;name&quot;: &quot;A String&quot;, # Output only. The name of the CNAME record for the domain, equals to `dns_resource_record.name` in the corresponding `DnsAuthorization`.
            &quot;resolvedData&quot;: [ # Output only. The resolved CNAME chain. Empty list if the CNAME record for `CNAME.name` is not found. Otherwise the first item is the value of the CNAME record for `CNAME.name`. If the CNAME chain is longer, the second item is the value of the CNAME record for the first item, and so on.
              &quot;A String&quot;,
            ],
          },
          &quot;ips&quot;: { # IPs troubleshooting information. # Output only. IPs troubleshooting information.
            &quot;resolved&quot;: [ # Output only. The list of IP addresses resolved from the domain&#x27;s A/AAAA records. Can contain both ipv4 and ipv6 addresses.
              &quot;A String&quot;,
            ],
            &quot;serving&quot;: [ # Output only. The list of IP addresses, where the certificate is attached and port 443 is open.
              &quot;A String&quot;,
            ],
            &quot;servingOnAltPorts&quot;: [ # Output only. The list of IP addresses, where the certificate is attached, but port 443 is not open.
              &quot;A String&quot;,
            ],
          },
          &quot;issues&quot;: [ # Output only. The list of issues discovered during the authorization attempt.
            &quot;A String&quot;,
          ],
        },
      },
    ],
    &quot;dnsAuthorizations&quot;: [ # Optional. Immutable. Authorizations that will be used for performing domain authorization.
      &quot;A String&quot;,
    ],
    &quot;domains&quot;: [ # Optional. Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
      &quot;A String&quot;,
    ],
    &quot;issuanceConfig&quot;: &quot;A String&quot;, # Optional. Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format `projects/*/locations/*/certificateIssuanceConfigs/*`. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.
    &quot;provisioningIssue&quot;: { # Information about issues with provisioning a Managed Certificate. # Output only. Information about issues with provisioning a Managed Certificate.
      &quot;details&quot;: &quot;A String&quot;, # Output only. Human readable explanation about the issue. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use Reason enum.
      &quot;reason&quot;: &quot;A String&quot;, # Output only. Reason for provisioning failures.
    },
    &quot;state&quot;: &quot;A String&quot;, # Output only. State of the managed certificate resource.
  },
  &quot;name&quot;: &quot;A String&quot;, # Identifier. A user-defined name of the certificate. Certificate names must be unique globally and match pattern `projects/*/locations/*/certificates/*`.
  &quot;pemCertificate&quot;: &quot;A String&quot;, # Output only. The PEM-encoded certificate chain.
  &quot;sanDnsnames&quot;: [ # Output only. The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven&#x27;t been provisioned yet have this field populated with a value of the managed.domains field.
    &quot;A String&quot;,
  ],
  &quot;scope&quot;: &quot;A String&quot;, # Optional. Immutable. The scope of the certificate.
  &quot;selfManaged&quot;: { # Certificate data for a SelfManaged Certificate. SelfManaged Certificates are uploaded by the user. Updating such certificates before they expire remains the user&#x27;s responsibility. # If set, defines data of a self-managed certificate.
    &quot;pemCertificate&quot;: &quot;A String&quot;, # Optional. Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.
    &quot;pemPrivateKey&quot;: &quot;A String&quot;, # Optional. Input only. The PEM-encoded private key of the leaf certificate.
  },
  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The last update timestamp of a Certificate.
  &quot;usedBy&quot;: [ # Output only. The list of resources that use this Certificate.
    { # Defines a resource that uses the certificate.
      &quot;name&quot;: &quot;A String&quot;, # Output only. Full name of the resource https://google.aip.dev/122#full-resource-names, e.g. `//certificatemanager.googleapis.com/projects/*/locations/*/certificateMaps/*/certificateMapEntries/*` or `//compute.googleapis.com/projects/*/locations/*/targetHttpsProxies/*`.
    },
  ],
}</pre>
</div>

<div class="method">
    <code class="details" id="list">list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None)</code>
  <pre>Lists Certificates in a given project and location.

Args:
  parent: string, Required. The project and location from which the certificate should be listed, specified in the format `projects/*/locations/*`. (required)
  filter: string, Optional. Filter expression to restrict the Certificates returned.
  orderBy: string, Optional. A list of Certificate field names used to specify the order of the returned results. The default sorting order is ascending. To specify descending order for a field, add a suffix `&quot; desc&quot;`.
  pageSize: integer, Optional. Maximum number of certificates to return per call.
  pageToken: string, Optional. The value returned by the last `ListCertificatesResponse`. Indicates that this is a continuation of a prior `ListCertificates` call, and that the system should return the next page of data.
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Response for the `ListCertificates` method.
  &quot;certificates&quot;: [ # A list of certificates for the parent resource.
    { # Defines TLS certificate.
      &quot;createTime&quot;: &quot;A String&quot;, # Output only. The creation timestamp of a Certificate.
      &quot;description&quot;: &quot;A String&quot;, # Optional. One or more paragraphs of text description of a certificate.
      &quot;expireTime&quot;: &quot;A String&quot;, # Output only. The expiry timestamp of a Certificate.
      &quot;labels&quot;: { # Optional. Set of labels associated with a Certificate.
        &quot;a_key&quot;: &quot;A String&quot;,
      },
      &quot;managed&quot;: { # Configuration and state of a Managed Certificate. Certificate Manager provisions and renews Managed Certificates automatically, for as long as it&#x27;s authorized to do so. # If set, contains configuration and state of a managed certificate.
        &quot;authorizationAttemptInfo&quot;: [ # Output only. Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.
          { # State of the latest attempt to authorize a domain for certificate issuance.
            &quot;attemptTime&quot;: &quot;A String&quot;, # Output only. The timestamp, when the authorization attempt was made.
            &quot;details&quot;: &quot;A String&quot;, # Output only. Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.
            &quot;domain&quot;: &quot;A String&quot;, # Output only. Domain name of the authorization attempt.
            &quot;failureReason&quot;: &quot;A String&quot;, # Output only. Reason for failure of the authorization attempt for the domain.
            &quot;state&quot;: &quot;A String&quot;, # Output only. State of the domain for managed certificate issuance.
            &quot;troubleshooting&quot;: { # Troubleshooting information for the authorization attempt. # Output only. Troubleshooting information for the authorization attempt. This field is only populated if the authorization attempt failed.
              &quot;cname&quot;: { # CNAME troubleshooting information. # Output only. CNAME troubleshooting information.
                &quot;expectedData&quot;: &quot;A String&quot;, # Output only. The expected value of the CNAME record for the domain, equals to `dns_resource_record.data` in the corresponding `DnsAuthorization`.
                &quot;name&quot;: &quot;A String&quot;, # Output only. The name of the CNAME record for the domain, equals to `dns_resource_record.name` in the corresponding `DnsAuthorization`.
                &quot;resolvedData&quot;: [ # Output only. The resolved CNAME chain. Empty list if the CNAME record for `CNAME.name` is not found. Otherwise the first item is the value of the CNAME record for `CNAME.name`. If the CNAME chain is longer, the second item is the value of the CNAME record for the first item, and so on.
                  &quot;A String&quot;,
                ],
              },
              &quot;ips&quot;: { # IPs troubleshooting information. # Output only. IPs troubleshooting information.
                &quot;resolved&quot;: [ # Output only. The list of IP addresses resolved from the domain&#x27;s A/AAAA records. Can contain both ipv4 and ipv6 addresses.
                  &quot;A String&quot;,
                ],
                &quot;serving&quot;: [ # Output only. The list of IP addresses, where the certificate is attached and port 443 is open.
                  &quot;A String&quot;,
                ],
                &quot;servingOnAltPorts&quot;: [ # Output only. The list of IP addresses, where the certificate is attached, but port 443 is not open.
                  &quot;A String&quot;,
                ],
              },
              &quot;issues&quot;: [ # Output only. The list of issues discovered during the authorization attempt.
                &quot;A String&quot;,
              ],
            },
          },
        ],
        &quot;dnsAuthorizations&quot;: [ # Optional. Immutable. Authorizations that will be used for performing domain authorization.
          &quot;A String&quot;,
        ],
        &quot;domains&quot;: [ # Optional. Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
          &quot;A String&quot;,
        ],
        &quot;issuanceConfig&quot;: &quot;A String&quot;, # Optional. Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format `projects/*/locations/*/certificateIssuanceConfigs/*`. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.
        &quot;provisioningIssue&quot;: { # Information about issues with provisioning a Managed Certificate. # Output only. Information about issues with provisioning a Managed Certificate.
          &quot;details&quot;: &quot;A String&quot;, # Output only. Human readable explanation about the issue. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use Reason enum.
          &quot;reason&quot;: &quot;A String&quot;, # Output only. Reason for provisioning failures.
        },
        &quot;state&quot;: &quot;A String&quot;, # Output only. State of the managed certificate resource.
      },
      &quot;name&quot;: &quot;A String&quot;, # Identifier. A user-defined name of the certificate. Certificate names must be unique globally and match pattern `projects/*/locations/*/certificates/*`.
      &quot;pemCertificate&quot;: &quot;A String&quot;, # Output only. The PEM-encoded certificate chain.
      &quot;sanDnsnames&quot;: [ # Output only. The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven&#x27;t been provisioned yet have this field populated with a value of the managed.domains field.
        &quot;A String&quot;,
      ],
      &quot;scope&quot;: &quot;A String&quot;, # Optional. Immutable. The scope of the certificate.
      &quot;selfManaged&quot;: { # Certificate data for a SelfManaged Certificate. SelfManaged Certificates are uploaded by the user. Updating such certificates before they expire remains the user&#x27;s responsibility. # If set, defines data of a self-managed certificate.
        &quot;pemCertificate&quot;: &quot;A String&quot;, # Optional. Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.
        &quot;pemPrivateKey&quot;: &quot;A String&quot;, # Optional. Input only. The PEM-encoded private key of the leaf certificate.
      },
      &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The last update timestamp of a Certificate.
      &quot;usedBy&quot;: [ # Output only. The list of resources that use this Certificate.
        { # Defines a resource that uses the certificate.
          &quot;name&quot;: &quot;A String&quot;, # Output only. Full name of the resource https://google.aip.dev/122#full-resource-names, e.g. `//certificatemanager.googleapis.com/projects/*/locations/*/certificateMaps/*/certificateMapEntries/*` or `//compute.googleapis.com/projects/*/locations/*/targetHttpsProxies/*`.
        },
      ],
    },
  ],
  &quot;nextPageToken&quot;: &quot;A String&quot;, # If there might be more results than those appearing in this response, then `next_page_token` is included. To get the next set of results, call this method again using the value of `next_page_token` as `page_token`.
  &quot;unreachable&quot;: [ # A list of locations that could not be reached.
    &quot;A String&quot;,
  ],
}</pre>
</div>

<div class="method">
    <code class="details" id="list_next">list_next()</code>
  <pre>Retrieves the next page of results.

        Args:
          previous_request: The request for the previous page. (required)
          previous_response: The response from the request for the previous page. (required)

        Returns:
          A request object that you can call &#x27;execute()&#x27; on to request the next
          page. Returns None if there are no more items in the collection.
        </pre>
</div>

<div class="method">
    <code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>
  <pre>Updates a Certificate.

Args:
  name: string, Identifier. A user-defined name of the certificate. Certificate names must be unique globally and match pattern `projects/*/locations/*/certificates/*`. (required)
  body: object, The request body.
    The object takes the form of:

{ # Defines TLS certificate.
  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The creation timestamp of a Certificate.
  &quot;description&quot;: &quot;A String&quot;, # Optional. One or more paragraphs of text description of a certificate.
  &quot;expireTime&quot;: &quot;A String&quot;, # Output only. The expiry timestamp of a Certificate.
  &quot;labels&quot;: { # Optional. Set of labels associated with a Certificate.
    &quot;a_key&quot;: &quot;A String&quot;,
  },
  &quot;managed&quot;: { # Configuration and state of a Managed Certificate. Certificate Manager provisions and renews Managed Certificates automatically, for as long as it&#x27;s authorized to do so. # If set, contains configuration and state of a managed certificate.
    &quot;authorizationAttemptInfo&quot;: [ # Output only. Detailed state of the latest authorization attempt for each domain specified for managed certificate resource.
      { # State of the latest attempt to authorize a domain for certificate issuance.
        &quot;attemptTime&quot;: &quot;A String&quot;, # Output only. The timestamp, when the authorization attempt was made.
        &quot;details&quot;: &quot;A String&quot;, # Output only. Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum.
        &quot;domain&quot;: &quot;A String&quot;, # Output only. Domain name of the authorization attempt.
        &quot;failureReason&quot;: &quot;A String&quot;, # Output only. Reason for failure of the authorization attempt for the domain.
        &quot;state&quot;: &quot;A String&quot;, # Output only. State of the domain for managed certificate issuance.
        &quot;troubleshooting&quot;: { # Troubleshooting information for the authorization attempt. # Output only. Troubleshooting information for the authorization attempt. This field is only populated if the authorization attempt failed.
          &quot;cname&quot;: { # CNAME troubleshooting information. # Output only. CNAME troubleshooting information.
            &quot;expectedData&quot;: &quot;A String&quot;, # Output only. The expected value of the CNAME record for the domain, equals to `dns_resource_record.data` in the corresponding `DnsAuthorization`.
            &quot;name&quot;: &quot;A String&quot;, # Output only. The name of the CNAME record for the domain, equals to `dns_resource_record.name` in the corresponding `DnsAuthorization`.
            &quot;resolvedData&quot;: [ # Output only. The resolved CNAME chain. Empty list if the CNAME record for `CNAME.name` is not found. Otherwise the first item is the value of the CNAME record for `CNAME.name`. If the CNAME chain is longer, the second item is the value of the CNAME record for the first item, and so on.
              &quot;A String&quot;,
            ],
          },
          &quot;ips&quot;: { # IPs troubleshooting information. # Output only. IPs troubleshooting information.
            &quot;resolved&quot;: [ # Output only. The list of IP addresses resolved from the domain&#x27;s A/AAAA records. Can contain both ipv4 and ipv6 addresses.
              &quot;A String&quot;,
            ],
            &quot;serving&quot;: [ # Output only. The list of IP addresses, where the certificate is attached and port 443 is open.
              &quot;A String&quot;,
            ],
            &quot;servingOnAltPorts&quot;: [ # Output only. The list of IP addresses, where the certificate is attached, but port 443 is not open.
              &quot;A String&quot;,
            ],
          },
          &quot;issues&quot;: [ # Output only. The list of issues discovered during the authorization attempt.
            &quot;A String&quot;,
          ],
        },
      },
    ],
    &quot;dnsAuthorizations&quot;: [ # Optional. Immutable. Authorizations that will be used for performing domain authorization.
      &quot;A String&quot;,
    ],
    &quot;domains&quot;: [ # Optional. Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution.
      &quot;A String&quot;,
    ],
    &quot;issuanceConfig&quot;: &quot;A String&quot;, # Optional. Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format `projects/*/locations/*/certificateIssuanceConfigs/*`. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa.
    &quot;provisioningIssue&quot;: { # Information about issues with provisioning a Managed Certificate. # Output only. Information about issues with provisioning a Managed Certificate.
      &quot;details&quot;: &quot;A String&quot;, # Output only. Human readable explanation about the issue. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use Reason enum.
      &quot;reason&quot;: &quot;A String&quot;, # Output only. Reason for provisioning failures.
    },
    &quot;state&quot;: &quot;A String&quot;, # Output only. State of the managed certificate resource.
  },
  &quot;name&quot;: &quot;A String&quot;, # Identifier. A user-defined name of the certificate. Certificate names must be unique globally and match pattern `projects/*/locations/*/certificates/*`.
  &quot;pemCertificate&quot;: &quot;A String&quot;, # Output only. The PEM-encoded certificate chain.
  &quot;sanDnsnames&quot;: [ # Output only. The list of Subject Alternative Names of dnsName type defined in the certificate (see RFC 5280 4.2.1.6). Managed certificates that haven&#x27;t been provisioned yet have this field populated with a value of the managed.domains field.
    &quot;A String&quot;,
  ],
  &quot;scope&quot;: &quot;A String&quot;, # Optional. Immutable. The scope of the certificate.
  &quot;selfManaged&quot;: { # Certificate data for a SelfManaged Certificate. SelfManaged Certificates are uploaded by the user. Updating such certificates before they expire remains the user&#x27;s responsibility. # If set, defines data of a self-managed certificate.
    &quot;pemCertificate&quot;: &quot;A String&quot;, # Optional. Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any.
    &quot;pemPrivateKey&quot;: &quot;A String&quot;, # Optional. Input only. The PEM-encoded private key of the leaf certificate.
  },
  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The last update timestamp of a Certificate.
  &quot;usedBy&quot;: [ # Output only. The list of resources that use this Certificate.
    { # Defines a resource that uses the certificate.
      &quot;name&quot;: &quot;A String&quot;, # Output only. Full name of the resource https://google.aip.dev/122#full-resource-names, e.g. `//certificatemanager.googleapis.com/projects/*/locations/*/certificateMaps/*/certificateMapEntries/*` or `//compute.googleapis.com/projects/*/locations/*/targetHttpsProxies/*`.
    },
  ],
}

  updateMask: string, Required. The update mask applies to the resource. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask.
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # This resource represents a long-running operation that is the result of a network API call.
  &quot;done&quot;: True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
  &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
    &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
    &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
      {
        &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
      },
    ],
    &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
  },
  &quot;metadata&quot;: { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
  },
  &quot;name&quot;: &quot;A String&quot;, # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
  &quot;response&quot;: { # The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
  },
}</pre>
</div>

</body></html>